Arbitrary Code Execution

binary-parser is vulnerable to Arbitrary Code Execution. The vulnerability is due to unsanitized interpolation of untrusted values into dynamically generated code, where attacker-controlled parser field names or encoding parameters are embedded directly into generated JavaScript, allowing arbitra...

binary-parser library has a code injection vulnerability

A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...

CVE-2026-1245

A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...

CVE-2026-1245

A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...

CVE-2026-1245

CVE-2026-1245 is a code-injection vulnerability in the binary-parser library, affecting versions prior to 2.3.0. The issue arises from unsanitized values used in parser field names or encoding parameters, which are directly interpolated into dynamically generated code (via the Function constructo...

cookie accepts cookie name, path, and domain with out of bounds characters

Impact The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. For example, serialize"userName=alert'XSS3'; Max-Age=2592000; a", value would result in "userName=alert'XSS3'; Max-Age=2592000; a=test", setting userName cookie to and ignoring value. ...

Node.js: Regular Expression Denial of Service in Headers fetch API

Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the Headers.set and Headers.append methods are vulnerable to Regular Expression Denial of Service ReDoS attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normali...

Node.js: Regular Expression Denial of Service in Headers fetch API

Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the Headers.set and Headers.append methods are vulnerable to Regular Expression Denial of Service ReDoS attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normali...

undici 安全漏洞

undici is an HTTP/1.1 client. A security vulnerability exists in undici versions prior to 5.19.1 that stems from vulnerability to regular expression denial of service ReDoS attacks when passing untrusted values to functions...

Design/Logic Flaw

The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The core.exportVariable function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write untrusted values t...

CVE-2022-24775

guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...

Input validation

guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...

CVE-2022-24775

guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...

CVE-2022-24775 Improper Input Validation in guzzlehttp/psr7

guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...

CVE-2022-24775

guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds...

Inproper parsing of HTTP headers

Impact Improper header parsing. An attacker could sneak in a carriage return character \r and pass untrusted values in both the header names and values. Patches The issue is patched in 1.8.4 and 2.1.1. Workarounds There are no known workarounds. References...

Kernel: speculative bounds check bypass store

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an...

rubygem-activerecord: Strong Parameter bypass with create_with

It was discovered that Active Record's createwith method failed to properly check attributes passed to it. A remote attacker could possibly use this flaw to bypass the strong parameter protection and modify arbitrary model attributes via mass assignment if an application using Active Record calle...